﻿using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace WebApplication5
{
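    /// <summary>
    /// Code-behind for the login form. Checks the submitted user name and password
    /// against the StudentInfo table and, on a match, records the user name in the
    /// session and redirects to Home.aspx.
    /// </summary>
    public partial class WebForm1 : System.Web.UI.Page
    {
        /// <summary>Page load handler; intentionally empty.</summary>
        protected void Page_Load(object sender, EventArgs e)
        {

        }

        /// <summary>
        /// Handles the login button: runs a parameterized lookup for the submitted
        /// credentials and either signs the user in or shows a failure message.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            string name = TextBox1.Text;
            string password = TextBox2.Text;

            // NOTE(review): the connection string is hard-coded and logs in as "sa" with a
            // trivial password. Move it to protected configuration outside source control
            // and use a dedicated login that can only read the table this page needs.
            string constr = "server=LAPTOP-OB0HD9AE\\SQL1;uid=sa;pwd=123456;database=Student_db";

            // Parameterized, so the submitted values are never spliced into the SQL text.
            // NOTE(review): the submitted password is compared to the column as-is, which
            // suggests passwords are stored in plaintext. Store a salted, slow hash
            // (e.g. PBKDF2) and verify it in code instead of in the WHERE clause.
            string sql = "select * from StudentInfo where stu_name = @name and password = @password";

            bool authenticated = false;

            try
            {
                // using blocks dispose the reader, command and connection on every path,
                // including when Open() or ExecuteReader() throws.
                using (SqlConnection con = new SqlConnection(constr))
                using (SqlCommand cmd = new SqlCommand(sql, con))
                {
                    cmd.Parameters.Add(new SqlParameter("@name", name));
                    cmd.Parameters.Add(new SqlParameter("@password", password));

                    con.Open();
                    using (SqlDataReader sdr = cmd.ExecuteReader())
                    {
                        // Any returned row means the name/password pair matched.
                        authenticated = sdr.Read();
                    }
                }
            }
            catch (Exception exce)
            {
                // Keep the details server-side: database error text can reveal server,
                // login and schema names, and was previously echoed unencoded to the client.
                System.Diagnostics.Trace.TraceError("Login query failed: " + exce);
                Response.Write("报错");
                return;
            }

            if (!authenticated)
            {
                Literal1.Text = "用户名或密码错误!";
                return;
            }

            // NOTE(review): the session id issued before login is kept after authentication;
            // consider issuing a fresh session id here - confirm against the session setup.
            Session["CurrentUserName"] = name;
            Literal1.Text = "登陆成功";

            // Redirect outside the try block: Response.Redirect ends the response by
            // aborting the thread, and the catch above would otherwise intercept that
            // ThreadAbortException and treat a successful login as an error.
            Response.Redirect("Home.aspx");
        }
    }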
}